Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name
From: Marcus J. Ranum (mjr@ranum.com)
Date: 08/12/02
- Next message: kadokev@msg.net: "Re: [fw-wiz] Re: Wireless"
- Previous message: Ryan Russell: "Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Maybe in reply to: Crispin Cowan: "[fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Next in thread: M. Dodge Mumford: "Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: Ryan Russell <ryan@securityfocus.com>, Crispin Cowan <crispin@wirex.com> From: "Marcus J. Ranum" <mjr@ranum.com> Date: Mon Aug 12 20:10:04 2002
Ryan Russell wrote:
>I think a more interesting question is: if GIDS is the new "firewall",
>then why did firewalls running on top end PCs max at 100mbps or so with
>just a few dozen rules and terribly simply filtering capabilities...
Because they're really really really badly written.
There may be other reasons but "crappy code" is #1.
mjr.
--- Marcus J. Ranum http://www.ranum.com Computer and Communications Security mjr@ranum.com
- Next message: kadokev@msg.net: "Re: [fw-wiz] Re: Wireless"
- Previous message: Ryan Russell: "Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Maybe in reply to: Crispin Cowan: "[fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Next in thread: M. Dodge Mumford: "Re: [fw-wiz] GIDS, Intrusion Prevention: A Firewall by Any Other Name"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
